package me.sealer.ssm.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import lombok.extern.slf4j.Slf4j;
import me.sealer.ssm.constant.Dict;
import me.sealer.ssm.constant.PageConstant;
import me.sealer.ssm.constant.PermissionConstant;
import me.sealer.ssm.constant.RoleConstant;
import me.sealer.ssm.controller.dto.CommonResponse;
import me.sealer.ssm.controller.dto.PasswordModifyRequest;
import me.sealer.ssm.model.User;
import me.sealer.ssm.page.PageResult;
import me.sealer.ssm.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.validation.Valid;

/**
 * @author sealer
 * @date 2016/09/27
 */
@Slf4j
@RestController
@Api(tags = "用户管理相关api")
@RequestMapping("/userOperations")
@RequiresPermissions(value = {PermissionConstant.USER_MGMT})
public class UserController {
    private final UserService userService;

    public UserController(UserService userService) {
        this.userService = userService;
    }

    /**
     * 查询所用用户方法
     *
     * @return CommonResponse<List < User>>
     */
    @ApiOperation(value = "根据条件分页查询用户列表")
    @RequiresRoles(value = {RoleConstant.ROLE_ADMIN})
    @GetMapping(value = "/queryUsersPage", produces = MediaType.APPLICATION_JSON_VALUE)
    public CommonResponse<PageResult<User>> queryUsersPage(
            @RequestParam(name = Dict.USERNAME, required = false) @ApiParam(value = "用户名", allowEmptyValue = true) String username,
            @RequestParam(value = PageConstant.PAGE_NO) @ApiParam(value = "第几页", required = true) Integer pageNo,
            @RequestParam(value = PageConstant.PAGE_SIZE) @ApiParam(value = "每页几条数据", required = true) Integer pageSize) {

        //调用service方法得到用户列表
        PageResult<User> pageResult = userService.queryUsersPage(username, pageNo, pageSize);
        return new CommonResponse<>(pageResult);
    }

    /**
     * 修改用户密码
     *
     * @param passwordModifyRequest 请求报文体
     * @return CommonResponse
     */
    @ApiOperation(value = "修改用户密码")
    @PostMapping(value = "/passwordModify", produces = MediaType.APPLICATION_JSON_VALUE)
    public CommonResponse modifyPassword(@Valid @RequestBody PasswordModifyRequest passwordModifyRequest) {

        String oldPassword = passwordModifyRequest.getOldPassword();
        String password = passwordModifyRequest.getPassword();
        String confirmPassword = passwordModifyRequest.getConfirmPassword();
        String username = SecurityUtils.getSubject().getPrincipal().toString();
        userService.modifyUserPassword(oldPassword, password, confirmPassword, username);

        Subject subject = SecurityUtils.getSubject();
        SecurityUtils.getSecurityManager().logout(subject);
        return new CommonResponse();
    }
}
